Steven Zou
0c19eba8c2
[stage2]support pluggable scanner
...
- add scanner rest API v1 spec
- implement v1 client which is used to talk to scanner adapter
- adjust data/orm models
- adjust code package structure
Signed-off-by: Steven Zou <szou@vmware.com>
- implement scan client which is used to talk to scanner adapter
- implement scan job which take the work of communicating with scanner
- update scanner mgmt API routes
- add corresponding UT cases
2019-09-23 09:37:54 +08:00
Wenkai Yin(尹文开)
63373c8ef9
Merge pull request #9158 from reasonerjt/secure-cookie
...
Add Secure flag to cookie
2019-09-22 08:15:18 +08:00
Ziming Zhang
f6ac2687fa
fix dayspl/daysps test
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
Change-Id: I3c654e305f774c2329109888f68e708efeca721e
2019-09-20 18:32:58 +08:00
Wang Yan
38a9690f9a
Merge pull request #9180 from danfengliu/nightly-test-keyword-create-a-new-project-missing-btn-click-1
...
Add retry in keyword <Create An New Project> to make sure OK button was clicked successfully
2019-09-20 18:11:04 +08:00
Daniel Jiang
f491061b57
Merge pull request #8440 from gklp/gklp_issue_8197_wrong_header_content_type_after_redirection
...
All redirect operations should have content-type as json
2019-09-20 17:21:01 +08:00
Daniel Jiang
6effa2105a
Merge pull request #9142 from reasonerjt/oidc-groups
...
Support OIDC groups
2019-09-20 17:12:50 +08:00
Danfeng Liu (c)
9a147f0999
In nightly test, keyword <Create An New Project> failed after angular upgrade, the OK button in create new project page was clicked, but it's not effective, so I add a retry for OK button click, if the button was not disappeared, script will be clicked again.
...
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2019-09-20 16:22:10 +08:00
Ziming Zhang
afe81a8b3b
adjust wait job timeout
...
Change-Id: I8f32f814158d4a7418c39edb7a781879db17a4d7
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2019-09-20 16:18:03 +08:00
danfengliu
17d221bf85
Merge pull request #9173 from danfengliu/change-way-of-checking-UI-element-value-due-to-angula-upgrade
...
Modify way of Project creation verifycation in migrate pipeline
2019-09-20 16:01:58 +08:00
jwangyangls
3144635ea1
Merge pull request #9139 from jwangyangls/add-oidc-claim
...
Add oidc group claim in config-auth、member、administrator
2019-09-20 15:58:31 +08:00
xaleeks
43b25d5ddd
Merge pull request #9166 from michmike/master
...
Updating the security disclosure process
2019-09-20 15:34:40 +08:00
Danfeng Liu (c)
9e05e6dc74
After angula upraded, all migrate pipelines failed at system setting project creation verification. Keyword of Page Should Contain is not working anymore in new UI, so I choosen a new more precise way of checking the select element value of 'everyone'
...
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2019-09-20 14:55:53 +08:00
Yogi_Wang
63f135337e
Add oidc group claim
...
1. add oidc group claim in configration page
2. add oidc group-page in user page,you can go to it through clicking add-group button;
3. add oidc list page in administrator ,admin can go to this page
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-09-20 13:53:25 +08:00
Daniel Jiang
f1367064fb
Address review comment
...
Address review comments for commit
b21f9dc6f1
and resolve conflict
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-09-20 13:42:39 +08:00
Michael Michael
64e60fe9cc
Update SECURITY.md
2019-09-19 21:30:37 -07:00
Wenkai Yin(尹文开)
20262d70bb
Merge pull request #9155 from reasonerjt/gen-session-id
...
Generate new session ID after login
2019-09-20 11:22:44 +08:00
Michael Michael
3d9dc4e734
Update SECURITY.md
2019-09-19 19:08:22 -07:00
Michael Michael
e908e1c588
Update SECURITY.md
...
updating to include cncf lists for public disclosure
Signed-off-by: Michael Michael michmike@cs.stanford.edu
2019-09-19 15:29:27 -07:00
Michael Michael
0300a804c4
Update SECURITY.md
2019-09-19 15:07:20 -07:00
Michael Michael
34093e73c4
Update SECURITY.md
2019-09-19 14:22:04 -07:00
Michael Michael
e80d208192
Update SECURITY.md
2019-09-19 14:08:49 -07:00
Michael Michael
daec26a5f9
moving the doc to the top of the repo
2019-09-19 10:37:40 -07:00
Wang Yan
adc9878e65
Merge pull request #9165 from xaleeks/xaleeks-security-disclosure-process
...
security disclosure process
2019-09-20 01:09:01 +08:00
xaleeks
9b4e3fa5c4
security disclosure process
...
Signed-off-by: xaleeks <xalex@vmware.com>
2019-09-20 00:02:34 +08:00
Daniel Jiang
3e5973fc6e
Add Secure flag to cookie
...
This commit modifies nginx configuration file to make sure the secure
flag is added to "Set-Cookie" header when Harbor is serving https
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-09-19 21:04:37 +08:00
Daniel Jiang
07dd14d3b5
Generate new session ID after login
...
This commit mitigates the Session Fixation issue by making sure a new
session ID is generated each time user logs in to Harbor
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-09-19 20:51:50 +08:00
wang yan
cab07f71cd
Merge branch 'master' of https://github.com/goharbor/harbor into immutable-selector
2019-09-19 17:55:29 +08:00
Daniel Jiang
b21f9dc6f1
Support OIDC groups
...
This commit enable project admin to add group as project member when
Harbor is configured against OIDC as AuthN backend.
It populates the information of groups from ID Token based on the claim
that is set in OIDC settings.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-09-19 17:49:31 +08:00
danfengliu
c360e71d51
Merge pull request #9148 from AllForNothing/add-member-nightly
...
Improve project name validator when adding new project
2019-09-19 17:13:31 +08:00
Steven Zou
4c4897aef1
Merge pull request #9134 from steven-zou/feature/pluggable_scanners
...
support pluggable scanner
2019-09-19 16:08:24 +08:00
sshijun
6b2ba60c1e
Improve project name validator when adding new project
...
Signed-off-by: sshijun <sshijun@vmware.com>
2019-09-19 13:53:36 +08:00
jwangyangls
e505ba53f0
Merge pull request #9147 from jwangyangls/add-id-edit-rep
...
Add id in repo info button
2019-09-19 13:03:06 +08:00
Yogi_Wang
450184c4ec
Add id in repo info button
...
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-09-19 12:21:07 +08:00
jwangyangls
5ffba4a6f5
Merge pull request #9069 from danfengliu/script-project-quotas-nightly-test-case
...
Script test case for project quotas
2019-09-19 10:27:22 +08:00
Steven Zou
e324a4d623
support pluggable scanner
...
- add DAO layer for scanner registration
- add CURD manager for scanner registration
- add API controller for plug scanner
- add REST APIs for CURD of plug scanner
- add migration sql:0011_1.10.0
- add scan interface definition (no implementations)
- add related UT cases with testify
fix #8979 #8990
Signed-off-by: Steven Zou <szou@vmware.com>
2019-09-18 21:56:45 +08:00
Steven Zou
ae0c129b27
Merge pull request #9125 from wy65701436/refactor-selector
...
refactor selector of retention
2019-09-18 18:27:16 +08:00
Danfeng Liu (c)
5d1913842c
Script test case for project quotas, there will be 2 or 3 test cases in this PR, like project quota edit, prject quota functionality.
...
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2019-09-18 17:55:25 +08:00
jwangyangls
e226f0a258
Merge pull request #9137 from jwangyangls/fix-group-clarity-ui
...
Supplement group ui
2019-09-18 17:45:24 +08:00
wang yan
42a5db83b2
refactor selector of retention
...
extract select from pkg/retention, move it to pkg/artselector to make it usable by immutable tag
Signed-off-by: wang yan <wangyan@vmware.com>
2019-09-18 16:38:41 +08:00
Will Sun
81a143855e
Merge pull request #9136 from AllForNothing/css-modify
...
Modify css for add-memeber page and project-config page
2019-09-18 16:29:20 +08:00
Yogi_Wang
069f884a7c
Supplement group ui
...
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-09-18 16:02:58 +08:00
sshijun
e7b2b4bb03
Modify css for add-memeber page and project-config page. Format
...
global.scss file
Signed-off-by: sshijun <sshijun@vmware.com>
2019-09-18 14:58:44 +08:00
Will Sun
de550c4073
Merge pull request #8901 from phantooom/master
...
fix portal Chinese translate
2019-09-18 14:18:46 +08:00
jwangyangls
6dd2ae90a0
Merge pull request #9011 from jwangyangls/upgrade_clarity-2.1
...
Upgrade angular from 7.1.3 to 8.2.0 and clarity from 1.0 to 2.2
2019-09-18 10:45:40 +08:00
Yogi_Wang
a7c7a8e675
Upgrade angualr from 7.1.3 to 8.2.0 and clarity from 1.0 to 2.2
...
Signed-off-by: Yogi_Wang <yawang@vmware.com>
Signed-off-by: Meina Zhou <meinaz@vmware.com>
Signed-off-by: sshijun <sshijun@vmware.com>
2019-09-18 10:12:20 +08:00
xaleeks
460756c293
Merge pull request #9130 from xaleeks/xaleeks-permissions-updates
...
added permissions for 1.9 features
2019-09-18 09:14:17 +08:00
xaleeks
8ae4c78214
fixed cve whitelist permissions
...
Signed-off-by: xaleeks <xalex@vmware.com>
2019-09-18 00:47:30 +08:00
xaleeks
bf3416cbf7
added permissions for 1.9 features
...
Signed-off-by: xaleeks <xalex@vmware.com>
2019-09-17 22:55:24 +08:00
stonezdj(Daojun Zhang)
1d16fcfd93
Merge pull request #9118 from wy65701436/fix-redeclared
...
remove filter redeclared as imported package name in base.go
2019-09-17 18:11:54 +08:00
wang yan
5498b5719b
remove filter redeclared as imported package name in base.go
...
It's introduced by https://github.com/goharbor/harbor/pull/8976
Signed-off-by: wang yan <wangyan@vmware.com>
2019-09-17 16:36:59 +08:00